[keycloak-user] Identity Providers (Google) where are the tokens?
Nick Powers
sshscp at gmail.com
Wed Jul 17 20:58:47 EDT 2019
Hello,
I have configured Keycloak to authenticate users using Google as an
identity provider and it works for basic authentication. I have set
Default Scopes to https://www.googleapis.com/auth/youtube.force-ssl, a
Google scope for accessing the YouTube API. This is obviously getting
communicated to Google because when I do authenticate Google prompts me for
the YouTube permissions. But, I am not seeing the Google access/refresh
tokens in the logs (I have configured logging for
org.keycloak.social.user_profile_dump
to DEBUG). Logs pasted below. My original plan was to examine the DEBUG
logs to learn the structure of the data and then use a Mapper to gain
access to that data but now I am at a loss because Google's access/refresh
tokens are not in the log. I think I must be missing something. HELP! :)
Below is what I am seeing in the logs. I get the user info but not the
tokens. :(
23:19:50,259 DEBUG [org.keycloak.social.user_profile_dump] (default
task-95) User Profile JSON Data for provider google:
{"sub":"116437238580102652286","name":"Nick
Powers","given_name":"Nick","family_name":"Powers","picture":"
https://lh3.googleusercontent.com/-zeavnWWwmto/AAAAAAAAAAI/AAAAAAAAANE/BOnJMZ_xqp8/photo.jpg
"}
Thanks - Nick
More information about the keycloak-user
mailing list